[Date Prev] [Date Index] [Date Next] [Thread Prev] [Thread Index] [Thread Next]

Re: handling failover advice

Bryan Stansell bryan@conserver.com
Sat, 30 Nov 2002 10:23:16 -0800 (PST)

On Thu, Nov 28, 2002 at 09:02:48PM -0000, Michael Doyle wrote:
> What is the best way to spread the workload across multiple Conserver
> servers and allow for the event that 1 of the servers becomes
> unavailable. For example if I have 2 servers available to act as
> probably be required but I wanted to find out how other people have
> covered this. Hope that makes sense.

personally, i'd just edit the config file and do a global
search/replace of the "bad" conserver host with the "good" one and send
a HUP sigal.  i always use RCS for files, so i'd leave it checked out
and then just revert to the last checked in version when the other host
comes back up.  but, i hope there are better methods or ideas.  or
maybe not.  keeping it simple is always good (maintaining multiple
copies with different master servers so you just do a copy seems like a
whole lot more work than just a global search/replace - and much more
of a chance to forget or mess things up).  i always work under the
premise that there's one conserver.cf file distributed to all the
conserver hosts.  that way you can just edit that one, redistribute,
and send a HUP - all conserver hosts will know the consoles moved to
the other conserver host so that redirections of clients work.

hope that makes sense.

> Also do most people run the server daemon as root or can it be run
> without issue as a specified user.

you should be able to run a non-root as long as you take the password
authentication and port number into consideration.  the server won't
step down to another user from root, so you have to just run the code
as the other user which means you won't be able to bind to ports below
1024 or do shadow password lookups (which even the PAM libraries will
do, so using PAM may not be a workaround, depending on your PAM
setup).  now, depending on what type of consoles you are connecting to,
that may be an issue as well.  if you have local serial ports and the
user can't open them, you'll need to change perms or ownerships so that
it can.

it would be nice if you could tell conserver to run as a different user
and have it step down automatically, avoiding the password and port
binding issues.  perhaps, one day, that will be possible - i'd
definitely like to see it happen.